We implemented an integrated Enterprise Risk Management Model (ERM) to assess risks

Risk assessment is considered as being the basic element of the internal control and risk management system. IGD, with this in mind and in order to be equipped with tools that are more in line with the control and risk management needs required by its organisational complexity, status as listed company and business dynamics, defined and implemented an integrated risk management process, based on the internationally recognised standards in the field of Enterprise Risk Management (“ERM”). In line with the reference methodological standards, risk assessment is portrayed by means of four sub elements:

  • Definition of appropriate objectives

The Company verifies that the planning, implementation and monitoring activities of the internal control and risk management system are continuously in line with the Company’s strategic, financial, operational and compliance objectives.

  • Identification and assessment of risks

The Risk Management Model adopted calls for the model itself to be continuously updated and developed by the Management, in order to ensure that it is in line with organisational and business evolution.

This activity, carried out in relation to the Enterprise Risk Management process, is supplemented by specific risk assessments which are carried out as part of specific control systems (internal auditing, control system on administrative-accounting procedures  ex. L. 262/05).

  • Identification and assessment of fraud risks

The defined ERM model identifies and assesses, in its Risk Map, a risk area referring to  “Fraud committed by Company personnel or by its stakeholders with effects on its assets and on its reputation”. The control measures defined, in particular with regard to administrative-accounting areas, finance and treasury management area and commercial and asset management, also take into account aspects regarding fraud risks.

  • Identification and analysis of important changes

As part of the defined internal control and risk management system, checks and updates regarding risk analysis and assessment are periodically planned and carried out, taking into account the strategies pursued and the organisational and business model adopted. Therefore, the Company promotes and carries out periodic activities to update its risk identification and assessment models (ERM system, Organisational, Management and Control Model ex Legislative Decree 231/01, administrative-accounting control system ex. L. 262/05) and to verify their consistency with its specific organisational and business features and with its corporate strategies.

Main risks faced by IGD